<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>用户操作页面</title>
</head>
<body>
    <h1>用户操作</h1>
    <div>
        <label for="viewId">查看用户信息 - 输入ID:</label>
        <input type="text" id="viewId" placeholder="请输入用户ID" oninput="sanitizeInput(this)">
        <button onclick="viewUser()">查看</button>
    </div>
    <script>
        function viewUser() {
            const id = document.getElementById('viewId').value;
            if (id) {
                window.location.href = `http://127.0.0.1:5000/api_1_0/user/${id}`;
            }
        }
    
    function sanitizeInput(input) {
    input.value = input.value.replace(/[&<"'>]/g, function(match) {
        switch (match) {
            case '&':
                return '&amp;';
            case '<':
                return '&lt;';
            case '>':
                return '&gt;';
            case '"':
                return '&quot;';
            case '\'':
                return '&#39;';
        }
    });
}
</script>

</body>
</html>